<![CDATA[The website of the Riau Provincial Plantation Agency plays a vital role in supporting public information and administrative services. However, the use of information technology also introduces various risks that may disrupt system operations. This study aims to analyze information technology risks associated with the website using the ISO 31000:2018 risk management framework. A qualitative descriptive approach was employed, utilizing interviews, observations, and documentation. The risk management process was conducted through the stages of risk identification, analysis, evaluation, treatment, as well as monitoring and review. The findings identified nine main risks. Eight of them were categorized as medium-level risks, including lightning, fire, human error, data corruption, server downtime, hardware damage, overheating, and power outages. One risk—software updates—was classified as low-level. This study is limited to information technology risks identified internally, based on primary data collected from the website management team. The findings provide risk mitigation recommendations that can serve as guidelines to enhance the security and continuity of the information system within the Riau Provincial Plantation Agency.]]>
Copyrights © 2025
